zdns -- DNS zones creator helper

This is very simple Tcl-based helper functions to create DNS zones.
Many things are hardcoded there. Basically you just write ordinary
Tcl script, sourcing the rc.tcl, containing various helper functions.
It expects DOMAIN variable to be set.

Initially that utility was written on zsh, but later it was replaced
with Tcl.

* fqdn(domain) -- prints fully-qualified domain name, taking either
  "domain.", or "@", or "subdomain" names
* shorten(domain) -- prints $DOMAIN-relative shortened name, printing
  only subdomain parts or "@"
* zone(serial) -- prints SOA record with two predefined (hardcoded)
  nameservers and none DMARC policy
* mx(domain) -- add predefined MX records for given domain, with
  predefined redirect-based SPF policy
* dane(domain, [port=443]) -- add DANE records for given domain. You
  have to have tls/ subdirectory, containing zeasypki's state
  (http://www.git.stargrave.org/?p=zeasypki.git;a=blob;f=README)
  It looks in each CA's subdirectory if keypair exists for the domain,
  printing necessary CAA and TLSA records
* ssh(domain) -- searches for corresponding public key in ssh/
  subdirectory and (if it exists) prints corresponding SSHFP record
* subdomain(domain, addrs, [y mailable dane:PORT]) -- adds specified domain
  with provided space-separated addresses. It automatically calls dane
  and ssh helpers. Third argument is a list containing three optional
  elements. Unless "mailable" is specified, it prints "-all" SPF policy
  and sets null MX. If "y" is specified, it adds "y.domain" address with
  predefined $Y6 address with "-all" SPF policy and null MX
* pgp(keyid, uid) -- prints _openpgpkey DANE record for given OpenPGP
  key of desired UID. "uid" is optional and useful only if your key have
  got multiple UIDs and you need to add only the single specified one

To omit burden of sourcing rc.tcl, setting $DOMAIN and rebuilding zones
after its change, there is default.zone.do redo (http://cr.yp.to/redo.html)
target, expecting your script in $domain.tcl file.

For example the zone for nncpgo.org domain with mail-capabilities, WWW
subdomain (available via Yggdrasil network), OpenPGP DANE key,
openpgp-subdomain for WKD and necessary DANE/SSH records could be
created the following way:

    $ ln -fs /path/to/zeasypki/state tls
    $ [[ -d tls/ee/ecdsa/ca.cypherpunks.ru/openpgpkey.nncpgo.org ]]
    $ [[ -d tls/ee/gost/cagost.cypherpunks.ru/openpgpkey.nncpgo.org ]]
    $ [[ -d tls/ee/ecdsa/ca.cypherpunks.ru/www.nncpgo.org ]]
    $ [[ -d tls/ee/gost/cagost.cypherpunks.ru/www.nncpgo.org ]]

    $ mkdir -p ssh
    $ print ssh-ed25519 AAAA... > ssh/www.nncpgo.org

    $ cat > nncpgo.org.tcl <<EOF
    zone 2012011633
    mx @
    subdomain www "$GW4 $GW6 $VPS4 $VPS6" y
    subdomain openpgpkey "$GW4 $GW6" y
    pgp releases@nncpgo.org
    EOF

    $ redo nncpgo.org.zone

It will produce:

    $TTL 21600
    $ORIGIN nncpgo.org.
    nncpgo.org. 21600 IN SOA uz5....ns7.stargrave.org. admin.nncpgo.org. (
        2012011633 ; Serial
        12h ; Refresh
        2h ; Retry
        2w ; Expire
        6h ; TTL
    )
    @ NS uz5....ns7.stargrave.org.
    @ NS uz5....ns5.stargrave.org.
    _dmarc TXT "v=DMARC1; p=none"
    @ MX 10 mailfake0.stargrave.org.
    @ MX 20 mail2.stargrave.org.
    @ MX 30 mailfake1.stargrave.org.
    @ TXT "v=spf1 redirect=_spf.stargrave.org"
    www A 91.211.5.21
    www AAAA 2a03:e2c0:2663:1::1
    www A 45.10.110.72
    www AAAA 2a04:ac00:a:146::25
    www CAA 0 issue "ca.cypherpunks.ru"
    _443._tcp.www TLSA 3 1 1 0a77...d187
    www CAA 0 issue "cagost.cypherpunks.ru"
    _443._tcp.www TLSA 3 1 1 9b98...7b3a
    www SSHFP 4 2 e72b...c53f
    www TXT "v=spf1 -all"
    www MX 0 .
    y.www AAAA 21a:af91:8d0e:b05:9645:e4e9:12be:3c39
    y.www TXT "v=spf1 -all"
    y.www MX 0 .
    openpgpkey A 91.211.5.21
    openpgpkey AAAA 2a03:e2c0:2663:1::1
    openpgpkey CAA 0 issue "ca.cypherpunks.ru"
    _443._tcp.openpgpkey TLSA 3 1 1 ddf4...e89c
    openpgpkey CAA 0 issue "cagost.cypherpunks.ru"
    _443._tcp.openpgpkey TLSA 3 1 1 2075...7c3d
    openpgpkey TXT "v=spf1 -all"
    openpgpkey MX 0 .
    y.openpgpkey AAAA 21a:af91:8d0e:b05:9645:e4e9:12be:3c39
    y.openpgpkey TXT "v=spf1 -all"
    y.openpgpkey MX 0 .
    ; NNCP releases <releases@nncpgo.org>
    2019...15ac._openpgpkey TYPE61 \# 655 (...)